Workshop

New Frontiers in Adversarial Machine Learning

Sijia Liu ⋅ Pin-Yu Chen ⋅ Dongxiao Zhu ⋅ Eric Wong ⋅ Kathrin Grosse ⋅ Hima Lakkaraju ⋅ Sanmi Koyejo

Project Page

Abstract

Adversarial machine learning (AdvML), which aims at tricking ML models by providing deceptive inputs, has been identified as a powerful method to improve various trustworthiness metrics (e.g., adversarial robustness, explainability, and fairness) and to advance versatile ML paradigms (e.g., supervised and self-supervised learning, and static and continual learning). As a consequence of the proliferation of AdvML-inspired research works, the proposed workshop–New Frontiers in AdvML–aims to identify the challenges and limitations of current AdvML methods and explore new prospective and constructive views of AdvML across the full theory/algorithm/application stack. The workshop will explore the new frontiers of AdvML from the following new perspectives: (1) advances in foundational AdvML research, (2) principles and practice of scalable AdvML, and (3) AdvML for good. This will be a full-day workshop, which accepts full paper submissions (up to 6 pages) as well as “blue sky” extended abstract submissions (up to 2 pages).

Video

Chat is not available.

Schedule

Timezone: Asia/Seoul

9:50 PM

Opening Remarks

10:00 PM

Adversarial attacks on deep learning : Model explanation & transfer to the physical world

Ajmal Mian

Video

Link

10:30 PM

A tale of adversarial attacks & out-of-distribution detection stories in the activation space

Celia Cintas

Video

Link

11:00 PM

Model Transferability With Responsive Decision Subjects

Yang Liu ⋅ Yatong Chen ⋅ Zeyu Tang ⋅ Kun Zhang

Video

11:06 PM

What is a Good Metric to Study Generalization of Minimax Learners?

Asuman Ozdaglar ⋅ Sarath Pattathil ⋅ Jiawei Zhang ⋅ Kaiqing Zhang

Video

11:12 PM

Toward Efficient Robust Training against Union of Lp Threat Models

Gaurang Sriramanan ⋅ Maharshi Gor ⋅ Soheil Feizi

Video

11:18 PM

On the interplay of adversarial robustness and architecture components: patches, convolution and attention

Francesco Croce ⋅ Matthias Hein

Video

11:30 PM

Machine Learning Security: Lessons Learned and Future Challenges

Battista Biggio

Video

Link

12:00 AM

What Can the Primate Brain Teach Us about Robust Object Recognition?

Joel Dapello

Video

Link

12:30 AM

Poster Session

1:00 AM

Lunch

2:00 AM

New adversarial ML applications on safety-critical human-robot systems

Changliu Liu

Video

Link

2:30 AM

Dr. Aleksander Madry's Talk

Aleksander Madry

Video

Link

3:00 AM

Overcoming Adversarial Attacks for Human-in-the-Loop Applications

Ryan McCoppin ⋅ Sean Kennedy ⋅ Platon Lukyanenko ⋅ Marla Kennedy

Video

3:05 AM

Ad Hoc Teamwork in the Presence of Adversaries

Ted Fujimoto ⋅ Samrat Chatterjee ⋅ Auroop R Ganguly

Video

3:10 AM

Learner Knowledge Levels in Adversarial Machine Learning

Sophie Dai ⋅ Prateek Mittal

Video

3:19 AM

Easy Batch Normalization

Arip Asadulaev ⋅ Alexander Panfilov ⋅ Andrey Filchenkov

Video

3:23 AM

Adversarial Training Improve Joint Energy-Based Generative Modelling

Rostislav Korst ⋅ Arip Asadulaev

Video

3:27 AM

Multi-step domain adaptation by adversarial attack to $\mathcal{H} \Delta \mathcal{H}$-divergence

Arip Asadulaev ⋅ Alexander Panfilov ⋅ Andrey Filchenkov

Video

3:30 AM

Robust physical perturbation attacks and defenses for deep learning visual classifiers

Atul Prakash

Video

Link

4:00 AM

Adversarial Robustness and Cryptography

Somesh Jha

Video

Link

4:30 AM

Poster Session

6:00 AM

Closing Remarks

Rethinking Multidimensional Discriminator Output for Generative Adversarial Networks

Mengyu Dai ⋅ Haibin Hang ⋅ Anuj Srivastava

Generative Models with Information-Theoretic Protection Against Membership Inference Attacks

Parisa Hassanzadeh ⋅ Robert Tillman

Video

Availability Attacks on Graph Neural Networks

Shyam Tailor ⋅ Miguel Tairum Cruz ⋅ Tiago Azevedo ⋅ Nic Lane ⋅ Partha Maji

Video

Robust Models are less Over-Confident

Julia Grabinski ⋅ Paul Gavrikov ⋅ Janis Keuper ⋅ Margret Keuper

Video

Exploring Adversarial Attacks and Defenses in Vision Transformers trained with DINO

Javier Rando ⋅ Thomas Baumann ⋅ Nasib Naimi ⋅ Max Mathys

Video

Distributionally Robust counterfactual Explanations via an End-to-End Training Approach

Hangzhi Guo ⋅ Feiran Jia ⋅ Jinghui Chen ⋅ Anna Squicciarini ⋅ Amulya Yadav

Video

Meta-Learning Adversarial Bandits

Nina Balcan ⋅ Keegan Harris ⋅ Mikhail Khodak ⋅ Steven Wu

Boosting Image Generation via a Robust Classifier

Roy Ganz ⋅ Michael Elad

Why adversarial training can hurt robust accuracy

jacob clarysse ⋅ Julia Hörrmann ⋅ Fanny Yang

Video

Superclass Adversarial Attack

Soichiro Kumano ⋅ Hiroshi Kera ⋅ Toshihiko Yamasaki

Video

Individually Fair Learning with One-Sided Feedback

Yahav Bechavod ⋅ Aaron Roth

Video

Multi-Task Federated Reinforcement Learning with Adversaries

Aqeel Anwar ⋅ Zishen Wan ⋅ Arijit Raychowdhury

Video

Adversarial Cheap Talk

Christopher Lu ⋅ Timon Willi ⋅ Alistair Letcher ⋅ Jakob Foerster

Thinking Two Moves Ahead: Anticipating Other Users Improves Backdoor Attacks in Federated Learning

Yuxin Wen ⋅ Jonas Geiping ⋅ Liam Fowl ⋅ Hossein Souri ⋅ Rama Chellappa ⋅ Micah Goldblum ⋅ Tom Goldstein

Video

Synthetic Dataset Generation for Adversarial Machine Learning Research

Xiruo Liu ⋅ Shibani Singh ⋅ Cory Cornelius ⋅ Colin Busho ⋅ Mike Tan ⋅ Anindya Paul ⋅ Jason Martin

Video

Making Corgis Important for Honeycomb Classification: Adversarial Attacks on Concept-based Explainability Tools

Davis Brown ⋅ Henry Kvinge

Video

Do Perceptually Aligned Gradients Imply Adversarial Robustness?

Roy Ganz ⋅ Bahjat Kawar ⋅ Michael Elad

Make Some Noise: Reliable and Efficient Single-Step Adversarial Training

Pau de Jorge Aranda ⋅ Adel Bibi ⋅ Riccardo Volpi ⋅ Amartya Sanyal ⋅ Phil Torr ⋅ Gregory Rogez ⋅ Puneet Dokania

Video

Catastrophic overfitting is a bug but also a feature

Guillermo Ortiz Jimenez ⋅ Pau de Jorge Aranda ⋅ Amartya Sanyal ⋅ Adel Bibi ⋅ Puneet Dokania ⋅ Pascal Frossard ⋅ Gregory Rogez ⋅ Phil Torr

Fair Universal Representations using Adversarial Models

Monica Welfert ⋅ Peter Kairouz ⋅ Jiachun Liao ⋅ Chong Huang ⋅ Lalitha Sankar

Video

Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch

Hossein Souri ⋅ Liam Fowl ⋅ Rama Chellappa ⋅ Micah Goldblum ⋅ Tom Goldstein

Early Layers Are More Important For Adversarial Robustness

Can Bakiskan ⋅ Metehan Cekic ⋅ Upamanyu Madhow

Video

Provably Adversarially Robust Detection of Out-of-Distribution Data (Almost) for Free

Alexander Meinke ⋅ Julian Bitterwolf ⋅ Matthias Hein

Video

Attacking Adversarial Defences by Smoothing the Loss Landscape

Panagiotis Eustratiadis ⋅ Henry Gouk ⋅ Da Li ⋅ Timothy Hospedales

Video

Sound randomized smoothing in floating-point arithmetics

Václav Voráček ⋅ Matthias Hein

Video

Robustness in deep learning: The width (good), the depth (bad), and the initialization (ugly)

Zhenyu Zhu ⋅ Fanghui Liu ⋅ Grigorios Chrysos ⋅ Volkan Cevher

Video

Riemannian data-dependent randomized smoothing for neural network certification

Pol Labarbarie ⋅ Hatem Hajri ⋅ Marc Arnaudon

Adversarial robustness of $\beta-$VAE through the lens of local geometry

Asif Khan ⋅ Amos Storkey

Video

``Why do so?'' --- A practical perspective on adversarial machine learning

Kathrin Grosse ⋅ Lukas Bieringer ⋅ Tarek R. Besold ⋅ Battista Biggio ⋅ Katharina Krombholz

Video

Adversarial Estimation of Riesz Representers

Victor Chernozhukov ⋅ Whitney Newey ⋅ Rahul Singh ⋅ Vasilis Syrgkanis

Saliency Guided Adversarial Training for Tackling Generalization Gap with Applications to Medical Imaging Classification System

Xin Li ⋅ Yao Qiang ⋅ CHNEGYIN LI ⋅ Sijia Liu ⋅ Dongxiao Zhu

Video

Self-Destructing Models: Increasing the Costs of Harmful Dual Uses in Foundation Models

Eric Mitchell ⋅ Peter Henderson ⋅ Christopher Manning ⋅ Dan Jurafsky ⋅ Chelsea Finn

Video

Illusionary Attacks on Sequential Decision Makers and Countermeasures

Tim Franzmeyer ⋅ Joao Henriques ⋅ Jakob Foerster ⋅ Phil Torr ⋅ Adel Bibi ⋅ Christian Schroeder

Video

Can we achieve robustness from data alone?

Julia Kempe ⋅ Nikolaos Tsilivis ⋅ Jingtong Su

Video

Gradient-Based Adversarial and Out-of-Distribution Detection

Jinsol Lee ⋅ Mohit Prabhushankar ⋅ Ghassan AlRegib

Video

Investigating Why Contrastive Learning Benefits Robustness against Label Noise

Yihao Xue ⋅ Kyle Whitecross ⋅ Baharan Mirzasoleiman

Layerwise Hebbian/anti-Hebbian (HaH) Learning In Deep Networks: A Neuro-inspired Approach To Robustness

Metehan Cekic ⋅ Can Bakiskan ⋅ Upamanyu Madhow

Video

Efficient and Effective Augmentation Strategy for Adversarial Training

Sravanti Addepalli ⋅ Samyak Jain ⋅ Venkatesh Babu Radhakrishnan

Video

Robust Empirical Risk Minimization with Tolerance

Robi Bhattacharjee ⋅ Max Hopkins ⋅ Akash Kumar ⋅ Hantao Yu ⋅ Kamalika Chaudhuri

Towards Out-of-Distribution Adversarial Robustness

Adam Ibrahim ⋅ Charles Guille-Escuret ⋅ Ioannis Mitliagkas ⋅ Irina Rish ⋅ David Krueger ⋅ Pouya Bashivan

Video

Reducing Exploitability with Population Based Training

Pavel Czempin ⋅

Video

RUSH: Robust Contrastive Learning via Randomized Smoothing

Yijiang Pang ⋅ Boyang Liu ⋅ Jiayu Zhou

Welcome to New Frontiers in Adversarial Machine Learning@ICML 2022!

Yuguang Yao

Dr. Nitesh Chawla's Talk

Nitesh Chawla

Link